Patents by Inventor James L. Jason
James L. Jason has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8955098Abstract: Techniques for configuring network security include obtaining non-packet flow information, evaluating a policy rule based on the obtained information, and proposing a security arrangement based on the evaluation. The non-packet flow information can include, for example, authentication information obtained during an Internet Key Exchange protocol session or information obtained from a layered service provider. Therefore, policies such as Internet Protocol security (IPsec) policies can be defined and implemented so that they more accurately reflect the network's security requirements.Type: GrantFiled: September 14, 2012Date of Patent: February 10, 2015Assignee: Intel CorporationInventors: Victor B. Lortz, Ylian Saint-Hilaire, James L. Jason, Jr.
-
Publication number: 20130311766Abstract: Techniques for configuring network security include obtaining non-packet flow information, evaluating a policy rule based on the obtained information, and proposing a security arrangement based on the evaluation. The non-packet flow information can include, for example, authentication information obtained during an Internet Key Exchange protocol session or information obtained from a layered service provider. Therefore, policies such as Internet Protocol security (IPsec) policies can be defined and implemented so that they more accurately reflect the network's security requirements.Type: ApplicationFiled: September 14, 2012Publication date: November 21, 2013Inventors: Victor B. Lortz, Ylian Saint-Hilaire, James L. Jason, JR.
-
Patent number: 7730459Abstract: A compiler transforms source code into intermediate code and provides the intermediate code to a profiler. The profiler executes the intermediate code. The profiler generates a performance profile that indicates the performance of the intermediate code, and annotates the intermediate code based, at least in part, on data from the performance profile. The compiler receives annotated intermediate code from the profiler and transforms the annotated intermediate code into machine code. Alternatively, the compiler transforms intermediate code to machine code and provides the machine code to a profiler. The profiler executes the machine code and generates a data file that indicates the performance of the machine code. The compiler receives the data file, and modifies the machine code based on the data file.Type: GrantFiled: September 30, 2003Date of Patent: June 1, 2010Assignee: Intel CorporationInventors: Frank G. Gates, James L. Jason, Erik J. Johnson
-
Patent number: 7725573Abstract: Methods and apparatus for supporting agile run-time network systems via identification and execution of most efficient application binary code in view of changing network traffic conditions. Under one embodiment of the method, respective application binaries are compiled for each of a plurality of profiled system states for a network system, wherein each profiled system state corresponds to a respective workload scenario for the network system. During ongoing run-time operations, the current workload condition for the network system is monitored, and an application binary from amongst the multiple application binaries that is most efficient for the current workload condition is identified, loaded and executed.Type: GrantFiled: November 29, 2005Date of Patent: May 25, 2010Assignee: Intel CorporationInventors: Arun Raghunath, James L. Jason, Jr.
-
Patent number: 7725886Abstract: In general, in one aspect, the disclosure describes a method of determining if a first query for data related to a protocol data unit in a first table is a query to a table merged into a combination table formed from multiple tables. If so, the method can generate a second query for the first query for data stored by the combination table.Type: GrantFiled: April 1, 2003Date of Patent: May 25, 2010Assignee: Intel CorporationInventors: Aaron R. Kunze, Erik J. Johnson, James L. Jason, Harrick M. Vin
-
Patent number: 7536674Abstract: Embodiments of the present invention relate to a method and system for automatically configuring network processing software to reduce memory latency associated with parallel processing using a plurality of processing elements.Type: GrantFiled: August 13, 2003Date of Patent: May 19, 2009Assignee: Intel CorporationInventors: James L. Jason, Aaron R. Kunze, Erik J. Johnson, Harrick Vin, Ravi Sahita
-
Patent number: 7508825Abstract: This specification describes technologies relating to classifying data packets based on general property ranges. An interval tree is constructed to represent the applicability of rules to non-overlapping ranges of a data classification property. The interval tree can be a binary tree such as a balanced binary tree or red-black tree. To determine which rules apply to a data packet, the data packet property is compared to the intervals in the tree to find a match. To balance the time and space complexity, a heuristics based approach is used for classifying data packets based on general property ranges of more than one data classification property.Type: GrantFiled: August 5, 2002Date of Patent: March 24, 2009Assignee: Intel CorporationInventor: James L. Jason, Jr.
-
Patent number: 7428583Abstract: A method includes receiving a specification for translating a network policy from a first schema to a second, different schema and translating the network policy into the second different schema based on the specification. A network system is configured based on the translated policy.Type: GrantFiled: October 31, 2000Date of Patent: September 23, 2008Assignee: Intel CorporationInventors: Victor B. Lortz, Ylian Saint-Hilaire, James L. Jason, Jr.
-
Patent number: 7355971Abstract: A method of determining a maximum packet size for data packets sent along a network path. A sending computer sends a packet to a receiving computer through a sending interface. The packet is fragmented during transfer to a receiving interface. The fragments are analyzed at the receiving interface and their size determined. The size of a fragment is compared to a pre-determined maximum packet size, and in response to the comparison, the maximum packet size is changed. The change is then reported to the sending interface and stored in a memory. Subsequent communications from the sending interface to the receiving interface are sent in packets of the size stored in the memory. Because the maximum packet size of a network path can change over time, test packets can be sent periodically to determine the maximum packet size.Type: GrantFiled: October 22, 2001Date of Patent: April 8, 2008Assignee: Intel CorporationInventor: James L. Jason, Jr.
-
Patent number: 7317692Abstract: A method and apparatus to perform network path discovery are described.Type: GrantFiled: November 13, 2002Date of Patent: January 8, 2008Assignee: Intel CorporationInventors: James L. Jason, Jr., Erik J. Johnson
-
Patent number: 7307952Abstract: A method and apparatus to determine whether data flow is restricted by a sending node, a receiving node, or by a network. One embodiment of the invention comprises selectively reading a Sequence Number field (SN) and a Data Offset field (DO) from a Transmission Control Protocol (TCP) header in a data packet from a sender to a receiver. Selectively reading a Total Length field (TL) and an Internet Header Length field (IHL) from an Internet protocol (IP) header in the data packet from the sender to the receiver. Selectively reading an Acknowledgment Number field (AN) and a Window field (W) from a TCP header in a data packet from the receiver to the sender. And, using at least one of the SN, DO, TL, IHL, AN, and W from a network communication session to determine whether the sender, the receiver, or whether the network restricts data flow.Type: GrantFiled: December 20, 2002Date of Patent: December 11, 2007Assignee: Intel CorporationInventors: Gerhard W. Gross, James L. Jason, Jr.
-
Patent number: 7212505Abstract: Communicating over a network includes establishing a communication path between a mobile-device in a first communication area and a server through a home-agent, and maintaining the communication path through the home agent when the mobile-device moves to a second-communication-area.Type: GrantFiled: March 19, 2001Date of Patent: May 1, 2007Assignee: Intel CorporationInventors: Ylian Saint-Hilaire, James L. Jason Jr., Frederick William Strahm, Erik J. Johnson
-
Patent number: 7131137Abstract: A communication system including a security system, and a method of controlling a communication system. The communication system includes a communication network having a plurality of nodes, a server connected to a first one of the nodes, and a client processor. A magnetic medium within the client processor stores the security system for connecting the client processor to the communication network for communication with the server. The security system includes a transmission control protocol for controlling communication between an application on the client processor and the communication network and a security classifier for coupling the transmission control protocol to the communication network and determining a security classification for the client processor. A security association negotiator is responsive to the client processor opening a socket at a node of the communication network, for correlating the socket with a security association based on the determined security classification.Type: GrantFiled: June 29, 2000Date of Patent: October 31, 2006Assignee: Intel CorporationInventors: James L. Jason, Jr., Ylian Saint-Hilaire
-
Patent number: 7072314Abstract: Communicating over a network includes establishing a communication path between a mobile-device in a first communication area and a server through a home-agent, and maintaining the communication path through the home agent when the mobile-device moves to a second-communication-area.Type: GrantFiled: December 7, 2005Date of Patent: July 4, 2006Assignee: Intel CorporationInventors: Ylian Saint-Hilaire, James L. Jason, Jr., Frederick William Strahm, Erik J. Johnson
-
Patent number: 7039916Abstract: The time taken for connection establishment is monitored to aid in selecting load distribution among nodes in a data delivery system, such as a server cluster. The failure of a node to respond to a connection request may be used to identify a crashed node. The number of connections being maintained and the amount of bandwidth being consumed may also be monitored for each node, and this information may be used to determine when a node should be removed from contention for new connection requests and when a node should be reinstated to receive new connection requests.Type: GrantFiled: September 24, 2001Date of Patent: May 2, 2006Assignee: Intel CorporationInventor: James L. Jason, Jr.
-
Patent number: 7028332Abstract: Methods and apparatus for preventing packet retransmissions during Internet Protocol security (IPsec) security association establishment. Application socket requests are monitored. An application requests a Transmission Control Protocol (TCP) connection or transmission of User Datagram Protocol (UDP) data on a socket. A determination is made whether there is an active security association that exists to protect network flow associated with the request. The request is prevented from proceeding if no active security association exists to protect the network flow. A determination is made whether a security policy exists for the network flow if no active security association exists to protect the network flow. A security association negotiation component is alerted to initiate negotiation for a security association based on the security policy if the security policy exists for the network flow. The request is allowed to proceed, i.e.Type: GrantFiled: June 13, 2000Date of Patent: April 11, 2006Assignee: Intel CorporationInventor: James L. Jason, Jr.
-
Publication number: 20040196845Abstract: In general, in one aspect, the disclosure describes a method of determining if a first query for data related to a protocol data unit in a first table is a query to a table merged into a combination table formed from multiple tables. If so, the method can generate a second query for the first query for data stored by the combination table.Type: ApplicationFiled: April 1, 2003Publication date: October 7, 2004Inventors: Aaron R. Kunze, Erik J. Johnson, James L. Jason, Harrick M. Vin
-
Publication number: 20040120255Abstract: A method and apparatus to determine whether data flow is restricted by a sending node, a receiving node, or by a network. One embodiment of the invention comprises selectively reading a Sequence Number field (SN) and a Data Offset field (DO) from a Transmission Control Protocol (TCP) header in a data packet from a sender to a receiver. Selectively reading a Total Length field (TL) and an Internet Header Length field (IHL) from an Internet protocol (IP) header in the data packet from the sender to the receiver. Selectively reading an Acknowledgment Number field (AN) and a Window field (W) from a TCP header in a data packet from the receiver to the sender. And, using at least one of the SN, DO, TL, IHL, AN, and W from a network communication session to determine whether the sender, the receiver, or whether the network restricts data flow.Type: ApplicationFiled: December 20, 2002Publication date: June 24, 2004Inventors: Gerhard W. Gross, James L. Jason
-
Publication number: 20040090922Abstract: A method and apparatus to perform network path discovery are described.Type: ApplicationFiled: November 13, 2002Publication date: May 13, 2004Inventors: James L. Jason, Erik J. Johnson
-
Patent number: 6728243Abstract: A method and a system for classifying a packet are disclosed. In one embodiment, at least one source address is grouped in a source group and at least one destination address is grouped in a destination group. In addition, at least one source port, one destination port, and one protocol are grouped in a protocol group. After grouping process, at least one rule is fetched according to the source group, destination group, or protocol group. After identifying the rule, specific treatment for the packet during the network transmission is identified in response to the rule or rules.Type: GrantFiled: October 28, 1999Date of Patent: April 27, 2004Assignee: Intel CorporationInventors: James L. Jason, Jr., Michael D. Jeronimo